adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

2409 Commits

Author SHA1 Message Date
h00die-gr3y 07def1c9f0 init commit module 2023-06-05 11:19:42 +00:00
Spencer McIntyre f464401dde Land #17782, Add fetch payloads 
Add http wget cmd based fetch payload for Linux and Windows
 2023-05-18 12:18:27 -04:00
bwatters 548a2d7ab4 Add fetch payloads for Windows and Linux x64 2023-05-18 10:47:29 -05:00
Christophe De La Fuente a485a786ef Land #17881, Zyxel chained RCE using LFI and weak password derivation algorithm 2023-05-10 11:49:51 +02:00
h00die-gr3y 4f8024454c Updates based on cdelafuente-r7 latest comments 2023-05-10 07:46:11 +00:00
h00die-gr3y 51ab9746fb Updates based on cdelafuente-r7 comments 2023-05-06 19:05:21 +00:00
h00die-gr3y cfb21e3de2 Added CVE-2023-28770 reference 2023-04-28 12:51:17 +00:00
h00die-gr3y c39751094a Updates based on review comments 2023-04-21 11:46:53 +00:00
h00die-gr3y 4131f1abf1 Fixed some bugs in module and added documentation 2023-04-20 08:23:55 +00:00
Jack Heysel bd286dd147 Added missing require builder statement 2023-04-18 18:10:46 -04:00
h00die-gr3y de9cd59ea5 added pwd derivation and report credential function including updates based on review comments 2023-04-18 19:17:00 +00:00
bwatters 6ae00877ed Land #17854, VMware Workspace One Access mr_me Hekate RCE 
Merge branch 'land-17854' into upstream-master
 2023-04-18 09:49:41 -05:00
Jack Heysel cda2e9610b Land #17820, optimising the nagiosxi modules 
This PR refactors the authenticated nagiosxi modules and mixins..
 2023-04-14 16:21:26 -04:00
h00die-gr3y e0926890ab init commit module 2023-04-14 13:07:12 +00:00
h00die-gr3y 5584685f24 init commit module 2023-04-14 13:05:42 +00:00
Jack Heysel 08788d3d82 Update logging with rc script info 2023-04-13 14:28:15 -04:00
adfoster-r7 aef2b8d314 Land #17804, Fix incorrect module metadata CI and add validation automation 2023-04-13 15:11:46 +01:00
Jack Heysel bc57131b73 Moving LPE to separate PR 2023-04-12 15:23:51 -04:00
Jack Heysel a2d2946007 Rubocop 2023-04-07 13:53:12 -04:00
Jack Heysel 18170babc2 Fix RCE payloads and add autorunscript 2023-04-07 13:35:16 -04:00
Jack Heysel 056b0a0e8b LPE and doc updates 2023-04-07 10:41:10 -04:00
Jack Heysel 665ba4aece Add additional target 2023-04-06 23:41:36 -04:00
Ryuuuuu 9985538846 Update modules/exploits/linux/http/apache_couchdb_cmd_exec.rb 
fix nil exception

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2023-04-07 09:55:00 +09:00
Jack Heysel 79d4021f31 Replaced janky XML building 2023-04-06 14:58:05 -04:00
Jack Heysel 544fb8ead6 Removed unecessary start_service proc 2023-04-06 14:26:02 -04:00
Jack Heysel d92fc41d29 Print out what command fails when attempting RCE 2023-04-06 13:31:17 -04:00
Jack Heysel 4984a3e2d3 Edit check method to raise errors instead of returning boolean 2023-04-06 13:25:20 -04:00
Jack Heysel b7456e20d5 VMware Workspace One Access mr_me Hekate exploit 2023-04-05 23:10:34 -04:00
cgranleese-r7 c3a7da54d5 reduces code duplication 2023-04-04 10:27:11 +01:00
cgranleese-r7 40e6917b7f tests passing 2023-04-04 10:24:09 +01:00
Ryuuuuu 8b3d799104 fix check function which always prints vulnerable 2023-04-04 10:07:06 +09:00
manishkumarr1017 812d3c7f35 PR Review Changes for optimizing the nagiosxi modules 2023-04-01 14:28:37 +05:30
h00die-gr3y bcef7ee357 updated module and documentation with SUDO option 2023-03-26 18:31:25 +00:00
manishkumarr1017 a67e894609 optimising the nagiosxi modules and also fixing the bug when autocheck is disabled 2023-03-26 15:58:45 +05:30
h00die-gr3y 28459c286a init commit module and documentation 2023-03-22 18:40:50 +00:00
Grant Willcox 3bd4c15704 Correct architecture and do final fixes 2023-03-13 15:46:42 -05:00
Jack Heysel 2a9ddae531 Updated description 2023-03-09 17:43:14 -05:00
Jack Heysel 06e7c3d702 Responded to comments updated docs 2023-03-09 17:39:53 -05:00
jheysel-r7 63e2376f64 Apply suggestions from code review 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2023-03-09 12:31:30 -05:00
Grant Willcox 100cfbccf9 Fix up some more slight things in documentation. Also tidy up some things in the module 2023-03-08 17:25:56 -06:00
Jack Heysel d31220ef1e Updated references 2023-03-08 14:17:34 -05:00
Jack Heysel 263223b783 Last second file reorganization fix 2023-03-08 14:08:46 -05:00
Jack Heysel dfae7e2fc4 FortiNAC keyUploap.jsp arbitrary file write CVE-2022-39952 2023-03-08 14:06:28 -05:00
Jack Heysel 3abd62076c Land #17624, Oracle E-Business Suite Module 
This pull request adds an exploit module for CVE-2022-21587
an arbitrary file upload vulnerability in Oracle Web Applications
Desktop Integrator as shipped with 12.2.3 through to 12.2.11
which results in RCE
 2023-02-28 17:04:20 -05:00
Jack Heysel ca6faed172 Check method enhancement 2023-02-24 13:33:10 -05:00
Jack Heysel 5311a491e9 Froxlor 2.0.7 is actually vulnerable too 2023-02-24 13:18:34 -05:00
space-r7 9621f77bac Land #17640, add Froxlor RCE 2023-02-22 12:11:38 -06:00
Jack Heysel bf7884b2dc Removed need to auth twice when AutoCheck enabled 2023-02-22 12:28:28 -05:00
Jack Heysel 0c8df1a67b Updated docs and module suggetsions 2023-02-22 00:33:40 -05:00
jheysel-r7 42146fc4ec Update modules/exploits/linux/http/froxlor_log_path_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2023-02-21 23:02:49 -05:00